<!--#include virtual="/includes/modules/common.asp"-->
<!--#include virtual="/includes/modules/sidebar.asp"-->
<% 

function conn_db(serverip,port,db,user,pass)
 conn_db = 0
 dbConn.open "Driver={MySQL ODBC 3.51 Driver};Server=" & serverip & ";Port=" & port & ";Database=" & db & ";User=" & user & ";Password=" & pass & ";Option=3;"
' dbConn.Open "Provider = Microsoft.Jet.OLEDB.4.0;Data Source = " & server.MapPath("mdb-database") & "\" & "zblog.mdb" & ";"
 'dbConn.open "dsn=zBlog;"
 conn_db = true
end function

function get_core_settings()
 dbRS1.open "select * from " & db_prefix & "options",dbConn
 zb_theme = dbRS1("theme")
 master_page = "/themes/" & zb_theme & "master.asp"
 use_custom_home = (dbRS1("use_custom_home") = 1)
 zb_ppp = dbRS1("posts_perpage")
 use_nice_urls = (dbRS1("use_nice_urls") = 1)
 zb_name = dbRS1("name")
 zb_enabled = (dbRS1("enabled") = 1)
 zb_dis_text = dbRS1("disabled_text")
 zb_copyright = dbRS1("copyright")
 zb_description = dbRS1("description")
 zb_keywords = dbRS1("keywords")
 zb_addmeta = dbRS1("add_meta")
 zb_root = dbRS1("root")
 dbRS1.close
 get_core_settings = true
'## DEBUG
'if Session("u_level") = 10 then
'	zb_theme = "light"
'	zb_name = "UnWritten OSBE"
'end if
end function

function get_user(userid)
  get_user = false
  dbRS1.open "select * from " & db_prefix & "users where id = " & userid,dbConn
  if not(dbRS1.eof) then
    for i=0 to user_el-1
     user(i+1) = dbRS1(i)
	next
	if isnull(user(bio)) or user(bio) = "" then user(bio) = "Bio not found"
	if isnull(user(msn)) or user(msn) = "" then user(msn) = "Not shared"
  	if isnull(user(skype)) or user(skype) = "" then user(skype) = "Not shared"
	get_user = true
  end if
  dbRS1.close
  if not(get_user) then
  	for i = 1 to 17
		user(i) = ""
	next
	user(1) = 0
  end if
end function

function get_page()
'RETURNS true if page is found, false otherwise
get_page = false
if page_name="" and page_action = "" and use_custom_home = true then page_name="home"
select case page_name
case ""
	page(ent_type) = 3
	'check action
	select case page_action
		case ""
			'must load homepage
  			page(title) = "Homepage"
  			page(excerpt) = ""
			page(content) = ""
			page(content) = loadPostList(true,"","")
			mnu_key = "mnu_home"
			get_page = true
		case "user-signup"
			Dim name_taken,invalid_email,no_pass
			page(title) = "User signup"
  			page(excerpt) = ""
			page(content) = ""
			if Session("u_level") = 0 then
			'check if name is already taken
			dbRS2.open "select * from " & db_prefix & "users where login = '" & request.Form("n") & "' or nick = '" & request.form("n") & "'",dbConn
			if not(dbRS2.eof) then name_taken = true
			dbRS2.close
			if lcase(request.form("n")) = "administrator" then name_taken = true
			if lcase(request.form("n")) = "admin" then name_taken = true
			if lcase(request.form("n")) = "guest" then name_taken = true
			'check email
			if not(instr(request.form("e"),"@")>0) then invalid_email = true
			if not(instr(request.form("e"),".")>0) then invalid_email = true
			if len(request.form("p"))<5 then no_pass = true
			if len(request.Form("n"))=0 or name_taken or invalid_email or no_pass then
  				page(content) = page(content) & "Please fill this form to create your own account for the site.<br />You will be able to specify additional information (optional) after signing up.<br />"
				page(content) = page(content) & gen_signup()
				if request.form("n") <> "" then
				if name_taken then page(content) = page(content) & "<font color=""660000"">&raquo;&nbsp;Username is already taken.</font><br />"
				if invalid_email then page(content) = page(content) & "<font color=""660000"">&raquo;&nbsp;Please insert a valid email address (it won't be shared).</font><br />"
				if no_pass then page(content) = page(content) & "<font color=""660000"">&raquo;&nbsp;Your password must be at least 5 letters long.</font><br />"
				end if
				else
				  'create new user account
				  Dim sha1s,spws
				  set sha1s =  GetObject("script:"&Server.MapPath("/includes/sha1.wsc"))
				  sha1s.hexcase = 1
				  spws = request.form("p")
    			  spws = sha1s.hex_hmac_sha1("0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", spws)
				  dbConn.execute "insert into " & db_prefix & "users (login,nick,password,email,level,member_since,ustatus,ip) values ('" & request.form("n") & "','" & request.form("n") & "','" & spws & "','" & request.Form("e") & "',1,'" & str2dat(now()) & "',1,'" & request.ServerVariables("REMOTE_ADDR") & "')"
				  page(content) = "Thanks, you are now registered and can <a href=""login.asp"">login</a>."
			end if
			else
				page(content) = "You are already logged in."
			end if
			get_page = true
		case "user-login"
  			page(title) = "User Login"
			if Session("u_level") = 0 then
			if len(request.Form("n"))=0 then
  				page(content) = gen_login()
				else
				  'check login
				  Dim sha1,spw
				  set sha1 =  GetObject("script:"&Server.MapPath("/includes/sha1.wsc"))
				  sha1.hexcase = 1
				  spw = request.form("p")
    			  spw = sha1.hex_hmac_sha1("0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b", spw)
				  if checkLogin(request.Form("n"),spw) then
				    if return_url = "" or instr(return_url,"login.asp") > 0 or instr(return_url,"signup.asp") > 0 or instr(return_url,"lost-password.asp") > 0 then return_url = "/"
				  	Response.Redirect html_decode(return_url)
					else
					 page(content) = gen_login() & "<br><font color=""#cc0000"">Login failed, please check your credentials.</font>"
				  end if
			end if
			else
				page(content) = "You are already logged in."
			end if
  			get_page = true
		case "lost-password"
			page(title) = "Recover your password"
			page(excerpt) = ""
			page(content) = lostPassForm()
			get_page = true
		case "user-profile"
			page(title) = u_name
  			page(excerpt) = ""
			page(content) = userprofile()
			get_page = true
		case "search"
			page(title) = "Search"
  			page(excerpt) = ""
			if len(strtag) > 0 then
				page(content) = "<div class=""info""><i>Searching posts tagged as <strong>" & strtag & "</strong></i></div>"
				else
				  page(content) = "<div class=""info""><i>Searching for <strong>" & strsearch & "</strong></i></div>"
			end if
			page(content) = page(content) & loadPostList(false,strtag,strsearch)
			get_page = true
		case "list-contents"
			page(title) = "Contents"
			page(excerpt) = ""
			page(content) = listContents()
			mnu_key = "mnu_articles"
			get_page = true
		case "profile"
			page(title) = "Edit profile"
			page(excerpt) = ""
			get_user Session("u_id")
			page(content) = usereditform(Session("u_id"))
			get_page = true
		case "404"
			page(title) = "Page not Found"
			page(excerpt) = ""
			page(content) = "Oops, the content you were looking for doesn't appear to be here."
			get_page = true
	end select
case else
  'lookup page in db
  dbRS1.open "select * from " & db_prefix & "posts where ent_name = '" & page_name & "';",dbConn
  if not(dbRS1.eof) then
   if not(dbRS1("publish_status")<>1 AND Session("u_level") < 10) then
    for i=0 to page_el-1
     page(i+1) = dbRS1(i)
	next
	page(title) = Server.HTMLEncode(page(title))
	if page(ent_name) = "contact" then page(content) = page(content) & gen_contactform()
	if isnull(page(views)) then page(views) = 0
	dbConn.execute "update " & db_prefix & "posts set views = " & page(views)+1 & " where id = " & page(id) 
	if page(ent_type) = 2 and mnu_key = "" then mnu_key = "mnu_articles"
  	get_page = true
   end if
  end if
  dbRS1.close
end select
end function

function html_encode(stringa)
	stringa = replace(stringa,"/","%2f")
	html_encode = stringa
end function

function html_decode(stringa)
	stringa = replace(stringa,"%2f","/")
	html_decode = stringa
end function

function dbg_page()
'outputs the page array
	response.write "##-PAGE array [S]<br>"  & vbcrlf
	for i = 1 to page_el
		response.write "# " & page(i) & "<br />" & vbcrlf
	next
	response.write "##-PAGE array [E]<br>"  & vbcrlf
end function

function getTemplatePage(tpage)
	Dim template_path,FSO, doc
	
	template_path = server.MapPath("/") & "\themes\" & zb_theme & "/" & tpage
	Set FSO = Server.CreateObject("Scripting.FileSystemObject")
	If FSO.FileExists(template_path) Then
		Set doc = FSO.OpenTextFile(template_path, 1)
		getTemplatePage = doc.ReadAll
		doc.Close
		Set doc = Nothing
	Else
		getTemplatePage = "Err"
	End If

	Set FSO = Nothing	
end function

function BuildPage()
	'BuildPage = false
	Dim template_code
	template_code = getTemplatePage("master.asp")
	if template_code <> "Err" then
		Response.Write gen_page(template_code)
	end if
end function

function gen_page(template_code)
	Dim template_tags,tcode
    
	tcode = template_code
	tcode = Replace(tcode, "[#-", Chr(0) & "[#-")
	tcode = Replace(tcode, "-#]", "-#]" & Chr(0))

	template_tags = Split(tcode, Chr(0))
	for i = 0 To UBound(template_tags, 1)
		template_code = Replace(template_code,template_tags(i),run_module(template_tags(i)))
	next
	'set active menu
Dim mnustr,mnuend,idstr,idend,mnuid
	mnustr = instr(template_code,"<div id=""menu"">")+10
	mnuend = instr(mnustr,template_code,"</ul>")
	idstr = instr(mnustr,template_code,"id=")+4
	do while idstr > 4 and idstr < mnuend
		idend = instr(idstr,template_code,"""")
		mnuid = mid(template_code,idstr,idend-idstr)
		'mnuid holds a menu id, check it against the mnu_key of the current page
		'response.write mnuid & " - " & mnu_key & " - " & (mnuid = mnu_key) & "<br />"
		if mnuid = mnu_key then template_code = replace(template_code,mnuid,mnuid & """ class=""active""")
		idstr = instr(idend+1,template_code,"id=")+4
	loop
	gen_page = template_code
end function

function run_module(ttag)
	select case ttag
		case "[#-ZB_HEADER-#]"
			run_module = gen_header()
		case "[#-SEARCH-#]"
			run_module = gen_search()
		case "[#-MAIN_CONTENT-#]"
			run_module = gen_content()
		case "[#-WELCOME-#]"
			run_module = gen_welcome()
		case "[#-ZB_FOOTER-#]"
			run_module = gen_footer()
		case "[#-RECENT_POSTS-#]"
			run_module = gen_recentposts()
		case "[#-MOST_POPULAR_POSTS-#]"
			run_module = gen_mostpopularposts()
		case "[#-MOST_COMMENTED_POSTS-#]"
			run_module = gen_mostcommentedposts()
		case "[#-TAG_CLOUD-#]"
			run_module = gen_tagcloud()
		case "[#-POLL-#]"
			run_module = gen_poll()
		case "[#-ZB_NAME-#]"
			run_module = zb_name
%>
<!--#include virtual="/plugins/core.asp" -->
<%
		case else
			run_module = ttag
	end select
end function

function dat2str(db_date)
	if isdate(db_date) then
		dat2str = month(db_date) & "/" & day(db_date) & "/" & year(db_date) & " " & formatdatetime(db_date,3)
		else
			dat2str = "<i>Undefined</i>"
	end if
end function

function dat2rss(db_date,offset)
'credits: www.expertsforge.com
	if isdate(db_date) then
		Dim myDay, myDays, myMonth, myYear
		Dim myHours, myMonths, mySeconds
		myDate = CDate(db_date)
		myDay = WeekdayName(Weekday(myDate),true)
		myDays = Day(myDate)
		myMonth = MonthName(Month(myDate), true)
		myYear = Year(myDate)
		myHours = zeroPad(Hour(myDate), 2)
		myMinutes = zeroPad(Minute(myDate), 2)
		mySeconds = zeroPad(Second(myDate), 2)
		dat2rss = myDay&", "& _
					myDays&" "& _
                    myMonth&" "& _ 
                    myYear&" "& _
                    myHours&":"& _
                    myMinutes&":"& _
                    mySeconds&" "& _ 
                    offset
		else
			dat2rss = "<i>Undefined</i>"
	end if
end function 
function zeroPad(m, t)
   zeroPad = String(t-Len(m),"0")&m
end function

function str2dat(db_date)
	mese = month(db_date)
	if mese < 10 then mese = "0" & mese
	giorno = day(db_date)
	if giorno < 10 then giorno = "0" & giorno
	str2dat = year(db_date) & "-" & mese & "-" & giorno & " " & replace(formatdatetime(db_date,4),".",":")
end function

function getpstat(stat)
select case stat
	case 0
		getpstat = "<strong><font color=""#660000"">Unpublished</font></strong>"
	case 1
		getpstat = "<strong><font color=""#006600"">Published</font></strong>"
	case 2
		getpstat = "<strong><font color=""#000066"">Private</font></strong>"
	case else
		getpstat = "<strong><font color=""#c0c0c0"">Unknown</font></strong>"
end select
end function

function getexc(content)
	getexc = left(strip_html(content),200)
end function

function getname(title)
	Dim safe_name
	title = lcase(title)
	for i = 1 to len(title)
		if instr(awd_postname,mid(title,i,1))>0 then
			safe_name = safe_name & mid(title,i,1)
		end if
	next
	getname = replace(safe_name," ","-")
	'check if a post with same title already exists
	dbRS1.open "select ent_name from " & db_prefix & "posts where ent_name = '" & getname & "'"
	Dim rgetname,suffix
	suffix = 1
	rgetname = getname
	do while not(dbRS1.eof)
		getname = rgetname
		suffix = suffix + 1
		getname = rgetname & "-" & suffix
		dbRS1.close
		dbRS1.open "select ent_name from " & db_prefix & "posts where ent_name = '" & getname & "'"
	loop
	dbRS1.close
end function

function get_referer
	get_referer = request.ServerVariables("HTTP_REFERER")
end function

function loadPostList(ishome,tag,ssearch)
	Dim strsql,numrecs
	loadPostList = loadPostList & "<div id=""postlist_div"">"
	if ishome then
		strsql = "from " & db_prefix & "posts, " & db_prefix & "users where ent_type = 1 and publish_status = 1 and author = " & db_prefix & "users.id order by pdate desc"
		else
		  if len(tag) > 0 then
		    'search by tag
		  	strsql = "from " & db_prefix & "posts, " & db_prefix & "users, " & db_prefix & "posttags," & db_prefix & "tags where ent_type = 1 and " & db_prefix & "tags.id = " & db_prefix & "posttags.tagid and " & db_prefix & "posts.id = " & db_prefix & "posttags.postid and " & db_prefix & "tags.text = '" & tag & "' and publish_status = 1 and author = " & db_prefix & "users.id"
			else
			  'text search
			  strsql = "from " & db_prefix & "posts, " & db_prefix & "users where ent_type = 1 and publish_status = 1 and author = " & db_prefix & "users.id and concat(title,content) like '%" & ssearch & "%'"	
		  end if
	end if
	dbRS2.open "select count(" & db_prefix & "posts.id) " & strsql,dbConn
	numrecs = cint(dbRS2(0))
	dbRS2.close
	dbRS2.open "select * " & strsql & " limit " & zb_ppp*p-zb_ppp & "," & zb_ppp & ";",dbConn
	Dim home_code, real_home_code
	if not dbRS2.eof then
		home_code = getTemplatePage("post-list.asp")
		else loadPostList = loadPostList & "Nothing found. Please search again."
	end if
	do while not dbRS2.eof
		real_home_code = home_code
		real_home_code = replace(real_home_code,"[#-POST_TITLE-#]","<a href=""/?pg=" & dbRS2("ent_name") & """>" & dbRS2("title") & "</a>")
		if ishome then
			real_home_code = replace(real_home_code,"[#-POST_CONTENT-#]",dbRS2("content"))
			else
			  real_home_code = replace(real_home_code,"[#-POST_CONTENT-#]",strip_html(dbRS2("excerpt")))
		end if
		real_home_code = replace(real_home_code,"[#-POST_META-#]",gen_meta())
		real_home_code = replace(real_home_code,"[#-USER_AVATAR-#]",get_avatar(dbRS2("author")))
		loadPostList = loadPostList & real_home_code & vbcrlf
		dbRS2.movenext
	loop
	dbRS2.close
	loadPostList = loadPostList & "<br />"
	loadPostList = loadPostList & "<table width=""100%""><tr><td width=""50%"">"
	if p>1 then
		loadPostList = loadPostList & "<a href=""?p=" & p-1 & "&s=" & strtag & "&ss=" & strsearch & """>&laquo;&nbsp;Previous page</a>"
	end if
	loadPostList = loadPostList & "</td><td align=""right"">"
	if numRecs > zb_ppp*p then
		loadPostList = loadPostList & "<a href=""?p=" & p+1 & "&s=" & strtag & "&ss=" & strsearch & """>Next page&nbsp;&raquo;</a>"
	end if
	loadPostList = loadPostList & "</td></tr></table>"
	loadPostList = loadPostList & "</div>"
end function

function strip_html(htmlstr)
	Dim RegEx, result
	Set RegEx = New RegExp
	RegEx.Pattern = "<[^>]*>"
	RegEx.Global = True
	RegEx.IgnoreCase = True
	result = RegEx.Replace(htmlstr, "")
	Set RegEx = Nothing
	'result = server.HTMLEncode(htmlstr)
	strip_html = result
end function

function gettagid(curtag)
	dbRS3.open "select * from " & db_prefix & "tags where text = '" & curtag & "'",dbConn
	if dbRS3.eof then
		dbConn.execute "insert into " & db_prefix & "tags(text) values('" & curtag & "')"
		dbRS3.close
		dbRS3.open "select * from " & db_prefix & "tags where text = '" & curtag & "'",dbConn
	end if
	gettagid = dbRS3("id")
	dbRS3.close
end function

function getPostTags(post_id)
dbRS3.open "select * from " & db_prefix & "posttags," & db_prefix & "tags where " & db_prefix & "tags.id = " & db_prefix & "posttags.tagid and postid = " & post_id,dbConn
do while not dbRS3.eof
	wktags = wktags & "<i><a href=""/search.asp?s=" & dbRS3("text") & """>" & dbRS3("text") & "</a></i>, "
	dbRS3.movenext
loop
dbRS3.close
if len(wktags)>0 then
	wktags = left(wktags,len(wktags)-2)
	else wktags = "<i>not tagged.</i>"
end if
getPostTags = wktags
end function

function getPostComments(post_id)
	dbRS3.open "select count(id) from " & db_prefix & "comments where postid = " & post_id,dbConn
	getPostComments = dbRS3(0)
	dbRS3.close
end function

Function UserEditForm(uid)
UserEditForm = ""
if len(request.QueryString("msg"))>0 then UserEditForm = UserEditForm & "<div class=""info"">" & request.QueryString("msg") & "</div>"
UserEditForm = UserEditForm & "<div class=""tabber"" id=""aavatartab"">"
UserEditForm = UserEditForm & "<div class=""tabbertab"">"
UserEditForm = UserEditForm & "      <h2>Avatar</h2>"
UserEditForm = UserEditForm & "<span class=""small"">Choose a picture from your PC and upload it to use it as your avatar.<br /><strong>NOTE: </strong> pic size should be 64x64 pixels or it will be stretched.<br /><br /></span>"
UserEditForm = UserEditForm & "<table width=""100%""><tr><td>"
UserEditForm = UserEditForm & "<form method=""POST"" enctype=""multipart/form-data"" action=""/admin/avatar-upload.asp"" name=""avatar"">" & vbcrlf
UserEditForm = UserEditForm & "<input type=""hidden"" name=""ui"" value=""" & uid & """ />" & vbcrlf
UserEditForm = UserEditForm & "<input type=""file"" name=""File1"" size=""50""><br>" & vbcrlf
UserEditForm = UserEditForm & "<input type=""submit"" name=""submit"" value=""upload"" style=""color:#006600;border:1px solid #006600"">" & vbcrlf
UserEditForm = UserEditForm & "</form>"
UserEditForm = UserEditForm & "</td><td valign=""top"">"
UserEditForm = UserEditForm & "<span class=""small"">Current Avatar<br /><br /></span>"
'show current avatar
UserEditForm = UserEditForm & "<img src=""" & get_avatar(user(id)) & """ width=""64"" height=""64"" style=""padding:2px;border:1px solid #c0c0c0;"" />" & vbcrlf
UserEditForm = UserEditForm & "<form name=""remav"" action=""/admin/remav.asp"" method=""post""><input type=""hidden"" name=""ui"" value=""" & uid & """ /><input type=""submit"" value=""Remove"" /></form>" & vbcrlf
UserEditForm = UserEditForm & "</td></tr></table></div></div><br />"
UserEditForm = UserEditForm & "<form id=""edit_user"" method=""post"" action=""/admin/doedit-user.asp"">"
UserEditForm = UserEditForm & "<div class=""tabber"" id=""aprofiletab"">"
UserEditForm = UserEditForm & "	<div class=""tabbertab"">"
UserEditForm = UserEditForm & "      <h2 class=""tab"">Member info</h2>"
UserEditForm = UserEditForm & "		<label>Login</label><br /><input type=""text"" size=""50"" maxlength=""50"" name=""name"" value=""" & user(login) & """"
if Session("u_level")<10 then UserEditForm = UserEditForm & " readonly=""readonly"""
UserEditForm = UserEditForm & " /><br /><br />"
UserEditForm = UserEditForm & "        <label>Url</label><br /><input type=""text"" size=""50"" maxlength=""50"" name=""url"" value=""" & user(url) & """ /><br /><br />"
UserEditForm = UserEditForm & "        <label>Member Since: </label>" & user(member_since) & "<br />"
UserEditForm = UserEditForm & "        <label>Last Visit: </label>" & user(last_visit) & "<br /><br /></div>"
'UserEditForm = UserEditForm & "        <p align=""right""><a href=""#"">Reset Password</a></p>"
UserEditForm = UserEditForm & "  	<div class=""tabbertab"">"
UserEditForm = UserEditForm & "      <h2 class=""tab"">Bio and Contact Info</h2>"
UserEditForm = UserEditForm & "      	<label>Bio</label><br /><textarea id=""content"" name=""bio"" cols=""50"">" & server.HTMLEncode(user(bio)) & "</textarea>"
UserEditForm = UserEditForm & sep1
UserEditForm = UserEditForm & "        <label>E-Mail</label><br /><input type=""text"" size=""50"" maxlength=""50"" name=""email"" value=""" & user(email) & """ /><br /><br />"
UserEditForm = UserEditForm & "        <label>MSN</label><br /><input type=""text"" size=""50"" maxlength=""50"" name=""msn"" value=""" & user(msn) & """ /><br /><br />"
UserEditForm = UserEditForm & "        <label>Skype</label><br /><input type=""text"" size=""50"" maxlength=""50"" name=""skype"" value=""" & user(skype) & """ /><br /><br />"
UserEditForm = UserEditForm & "</div>"
if Session("u_level") = 10 then
UserEditForm = UserEditForm & "  	<div class=""tabbertab"">"
UserEditForm = UserEditForm & "      <h2 class=""tab"">Admin</h2>"
UserEditForm = UserEditForm & "      	<label>User Level</label><br />"
UserEditForm = UserEditForm & "      	<select name=""level"">"
UserEditForm = UserEditForm & "            <option value=""1"""
if user(level)=1 then UserEditForm = UserEditForm & " selected "
UserEditForm = UserEditForm & " >Subscriber</option>"
UserEditForm = UserEditForm & "            <option value=""10"""
if user(level)=10 then UserEditForm = UserEditForm & " selected "
UserEditForm = UserEditForm & " >Admin</option>"
UserEditForm = UserEditForm & "        </select><br /><br />"
UserEditForm = UserEditForm & "      	<label>Signup IP</label><br /><input type=""text"" size=""50"" maxlength=""50"" name=""ip"" value=""" & user(ip) & """ readonly=""readonly"" /><br /><br />"
UserEditForm = UserEditForm & "        <label>Last IP</label><br /><input type=""text"" size=""50"" maxlength=""50"" name=""last_ip"" value=""" & user(lastip) & """ readonly=""readonly"" /><br /><br />"
'UserEditForm = UserEditForm & "        <label>Activation Key</label><br /><input type=""text"" size=""50"" maxlength=""50"" name=""activation_key"" value=""" & user(activation_key) & """ /><br /><br />"
UserEditForm = UserEditForm & "        <label>Change Password</label><br /><input type=""text"" size=""50"" maxlength=""50"" name=""p"" /><br /><br />"
UserEditForm = UserEditForm & "        <label>User status</label><br />"
UserEditForm = UserEditForm & "        <select name=""ustatus"" disabled=""disabled"">"
UserEditForm = UserEditForm & "        	<option value=""1"">Active</option>"
UserEditForm = UserEditForm & "        </select>"
UserEditForm = UserEditForm & "   </div>"
end if
if Session("u_level") < 10 then
UserEditForm = UserEditForm & "  	<div class=""tabbertab"">"
UserEditForm = UserEditForm & "      <h2 class=""tab"">Change Password</h2>"
UserEditForm = UserEditForm & "      	<label>Current Password</label><br /><input type=""password"" size=""50"" maxlength=""50"" name=""op"" /><br /><br />"
UserEditForm = UserEditForm & "      	<label>New Password</label><br /><input type=""password"" size=""50"" maxlength=""50"" name=""p"" /><br /><br />"
UserEditForm = UserEditForm & "     </div>"
end if
UserEditForm = UserEditForm & "</div>"
UserEditForm = UserEditForm & "<div class=""form_buttons"">"
UserEditForm = UserEditForm & "<input type=""hidden"" name=""id"" value=""" & user(id) & """ />"
UserEditForm = UserEditForm & "<input type=""submit"" value=""Save"" class=""big_button"" />"
UserEditForm = UserEditForm & "</div>"
UserEditForm = UserEditForm & "</form>"
End Function

function genRndStr(numc)
randomize()
Dim tmpstr
for i = 1 to numc
	tmpstr = tmpstr & chr(cint((rnd()*(122-97))+97))
next
genRndStr = tmpstr
end function

sub sendEmail(testo,oggetto,mfrom,mto)
	  'send email
	  	DIM iMsg, Flds, iConf
		Set iMsg = CreateObject("CDO.Message")
		Set iConf = CreateObject("CDO.Configuration")
		Set Flds = iConf.Fields
		Flds(cdoSendUsingMethod) = 2
		Flds(cdoSMTPServer) = cfg_mailserver 
		Flds(cdoSMTPServerPort) = cfg_mailport
		if cfg_mailauth = 1 then
			Flds("http://schemas.microsoft.com/cdo/configuration/smtpauthenticate") = cfg_mailauth 
			Flds("http://schemas.microsoft.com/cdo/configuration/sendusername") = cfg_mailuser 
			Flds("http://schemas.microsoft.com/cdo/configuration/sendpassword") = cfg_mailpass 
		end if

		
		Flds.Update
		With iMsg
		   Set .Configuration = iConf
		   .To = cfg_mailto
		   .From = request.form("email")
		   .Sender = cfg_mailfrom
		   .Subject = oggetto
		   .HTMLBody = testo
		   .Send
		End With
		set iMsg = nothing
		set iConf = nothing
		set Flds = nothing
End sub

Function initLogIn
	initLogIn = false
	if not(isnull(Session("u_id"))) then
	  if session("u_id") > 0 then
		' no need to check coookies
		initLogIn = true
	  end if
	end if
	if not initLogIn and not(isnull(request.Cookies("user")("u_id"))) then
		if request.Cookies("user")("u_id") <> "" then
		'no logged in user in session var, maybe cookie?
			'load user data from cookie
			Session("u_name") = request.Cookies("user")("u_name")
			Session("u_level") = request.Cookies("user")("u_level")
			Session("u_id") = request.Cookies("user")("u_id")
			Session("u_url") = request.Cookies("user")("u_url")
			Session("u_email") = request.Cookies("user")("u_email")
			initLogIn = true
		end if
	end if
End Function

Function min(num1,num2)
	min = num1
	if num2 < num1 then min = num2
End function

Function remAvatar(uid)
Dim FSO
Set FSO = Server.CreateObject("Scripting.FileSystemObject")
filename = "\" & uid & ".jpg"
if FSO.FileExists(Server.mappath("/public/avatars") & filename) then  FSO.DeleteFile(Server.mappath("/public/avatars") & filename)
filename = "\" & uid & ".png"
if FSO.FileExists(Server.mappath("/public/avatars") & filename) then  FSO.DeleteFile(Server.mappath("/public/avatars") & filename)
filename = "\" & uid & ".gif"
if FSO.FileExists(Server.mappath("/public/avatars") & filename) then  FSO.DeleteFile(Server.mappath("/public/avatars") & filename)
set FSO = nothing
End function

function get_avatar(uid)
Dim FSO
Set FSO = Server.CreateObject("Scripting.FileSystemObject")
filename = "\" & uid & ".jpg"
if FSO.FileExists(Server.mappath("/public/avatars") & "\" & uid & ".jpg") then
	get_avatar = "/public/avatars/" & uid & ".jpg"
	else
	if FSO.FileExists(Server.mappath("/public/avatars") & "\" & uid & ".png") then
		get_avatar = "/public/avatars/" & uid & ".png"
		else
		if FSO.FileExists(Server.mappath("/public/avatars") & "\" & uid & ".gif") then
			get_avatar = "/public/avatars/" & uid & ".gif"
			else
			get_avatar = "/public/avatars/default.jpg"
		end if
	end if
end if
end function
%>